You’ve probably seen the name “FaceApp” in the news this past week.

A silly photo challenge (aka the #FaceAppChallenge) hit the internet a few days ago, and it seemed like you couldn’t scroll a centimeter without seeing a friend, family member or celebrity like this:

The next viral challenge was on in full effect!

But then, as it does with the fickle internet, the tone transformed from fun to fear overnight.

“FaceApp raises concern over privacy, connection to Russia”- MSN

“FaceApp’s Russia link sparks security concerns” – TODAY

“AI photo editor FaceApp goes viral again on iOS, raises questions about photo library access” – TechCrunch

What is FaceApp?

FaceApp is a phone app that edits photos through artificial intelligence. It’s actually gone viral several times since 2017, but it’s recently been in the spotlight with the old-age filter.

What Were the Security Concerns?

User privacy came under scrutiny after a one tweet from an app developer suggested that, in order to access the app (and participate in the social challenge), the app scanned and stored all your phone’s photos.

Then the app headquarters came into play: Russia.

Why would a photo app upload all your photos and send them to Russia?

As you can imagine, the internet went into a frenzy. Our Senate Minority Leader, Chuck Schumer, even advised an FBI and Federal Trade Commission investigation.

The more people started looking into the issue, the more people found this to actually be untrue.

FaceApp founder Yaroslav Goncahrov provided a statement, confirming: “We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud… Most images are deleted from our servers within 48 hours from the upload date.”

What Are the Security Implications?

At first blush, this may seem like another story about internet outrage and the flip-flop of public opinion.

But it does beg the question: What are apps doing with the personal data we provide?

FaceApp might not be stealing all your photos and sending them to evil Russian spies—but it does get 100% access to all your photos in order to submit the ones you want for certain edits. Why not process the images on the phone itself?

And even if the app isn’t using photos for malicious intent, with the spotlight now shining on a treasure trove of personal data, it’s only a matter of time before the next FaceApp headline surrounds a data breach.

Your photos in the wrong hands could mean impersonation (ever heard of catfishing?) or—worst case scenario—even blackmail.

At the very least, the thought is unsettling.

Lessons Learned

So, what can we learn from all of this?

Read the privacy policy of every phone and computer application before you download it. If it wants full access to some piece of data—is it really worth it?

Check your apps to see what data they use, like tracking location, connecting with other applications, and accessing search history.

If you’re not comfortable with what you see, change your settings or remove the applications altogether.

What are your thoughts on the recent FaceApp craziness? Let us know in the comments down below!

See if your identity has been compromised.